A security breach that went on for two months before JPMorgan Chase & Co. detected it over the summer may have exposed the personal information of some 8,500 Michigan residents who receive unemployment benefits.

The state announced today that the bank alerted the Unemployment Insurance Agency 2½ months after it detected the security breach.

“We have worked closely with JPMorgan Chase to share our concern about the delayed notification and to ensure that the state receives immediate notice of future problems,” Dan Lohrmann, chief security officer for the state, said in a statement. “We work around the clock to keep citizen information and data protected, and I feel confident that everyone involved in this event understands the importance of protecting personal information.”

The bank told the state that Social Security numbers, bank account numbers, passwords, home addresses, email addresses and phone numbers of customers could have been viewed by an unauthorized party on the bank’s servers. The state uses debit cards from Chase for those receiving unemployment benefits.

Michigan residents were not the only ones affected. According to the statement, about 465,000 cardholders across the country could have had their personal information compromised.

Affected customers, which are those who used the Chase bank website between mid-July and mid-September, will receive an email from the bank, and the state will send an email to those same customers today.

"The UIA is deeply concerned about this incident,” Shaun Thomas, director of the Unemployment Insurance Agency, said in a statement. “We’re encouraging our customers to take advantage of the free credit monitoring services that will be provided at Chase’s expense.”

The free credit monitoring service is being done by ITAC Sentinel Plus, and those affected can enroll online at itacsentinel.com/alert or by calling (866) 746-4253. The customers will have to have the redemption code referenced in their notification by Chase to receive the free service.